[Bug 1915547] Re: Users are prompted by ucf on upgrade from Trusty to Xenial

Fri Mar 5 13:31:53 UTC 2021

Hello Lucas, or anyone else affected,

Accepted unattended-upgrades into xenial-proposed. The package will
build now and be available at https://launchpad.net/ubuntu/+source
/unattended-upgrades/1.1ubuntu1.18.04.7~16.04.7 in a few hours, and then
in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
xenial to verification-done-xenial. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-xenial. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: unattended-upgrades (Ubuntu Xenial)
       Status: Triaged => Fix Committed

** Tags added: verification-needed verification-needed-xenial

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to unattended-upgrades in Ubuntu.
https://bugs.launchpad.net/bugs/1915547

Title:
  Users are prompted by ucf on upgrade from Trusty to Xenial

Status in unattended-upgrades package in Ubuntu:
  Fix Released
Status in unattended-upgrades source package in Xenial:
  Fix Committed

Bug description:
  [Impact]
  During an upgrade from trusty to xenial, users will be prompted to make a decision regarding the diff on unattended-upgrades. This is not a good user experience, specially because the user can make an uninformed decision of keeping the old config file, which will make unattended-upgrades to not work as we expect.

  [Test case]

  To reproduce the issue, you can:

  1. Launch a trusty vm
  2. Perform a do-release-upgrade and observe that you will be prompted with the 50unattended-upgrades change

  To verify that the error is fixed:

  1. Launch a trusty vm
  2. Import this ppa into the system:
     https://launchpad.net/~lamoura/+archive/ubuntu/unattended-upgrades-ppa
  3. Configure do-release-upgrade to allow using third parties during upgrade
  4. Run a do-release-upgrade
  5. Verify the prompt is no longer there and that we end up with the 
     expected 50unattended-upgrades config file

  [Where problems could occur]

  The changes in this package should only surface during an upgrade
  operation.  With this change, we are now delivering a new file to the
  system and configuring postinst to use it. Because of that, we believe
  this is the only scenario that could be affected in case of a
  regression is discovered in the package.

  [Discussion]
  When upgrading from trusty to xenial, we are prompted about config changes on 50unattended-upgrades with the following diff:

  --- /etc/apt/apt.conf.d/50unattended-upgrades root.root 0644 2017-05-08 19:21:39
  +++ /etc/apt/apt.conf.d/50unattended-upgrades.ucftmp root.root 0644 2020-02-17 18:03:38
  @@ -1,11 +1,13 @@
   // Automatically upgrade packages from these (origin:archive) pairs
   Unattended-Upgrade::Allowed-Origins {
  + "${distro_id}:${distro_codename}";
   "${distro_id}:${distro_codename}-security";
   // Extended Security Maintenance; doesn't necessarily exist for
   // every release and this system may not have it installed, but if
   // available, the policy for updates is such that unattended-upgrades
   // should also install from here by default.
  - "${distro_id}ESM:${distro_codename}";
  + "${distro_id}ESMApps:${distro_codename}-apps-security";
  + "${distro_id}ESM:${distro_codename}-infra-security";
   // "${distro_id}:${distro_codename}-updates";
   // "${distro_id}:${distro_codename}-proposed";
   // "${distro_id}:${distro_codename}-backports";

  The reason we are presented with this diff is that the xenial package
  does not contain a md5sum history file that informs ucf about all the
  supported configs for 50unattended-upgrades. To fix that upgrade
  problem, we are prosing the following changes on the xenial package of
  unattended-upgrades:

      - Add 50unattended-upgrades.md5sum file into the xenial package
      - Add md5sum of the current xenial 50unattende-upgrades file into the md5sum history file
      - Modify ucf command in postinst to be aware of the md5sum history file

  See the changelog entry below for a full list of changes and bugs.

  We have performed a manual test with a modified version of the xenial package:
  https://launchpad.net/~lamoura/+archive/ubuntu/unattended-upgrades-ppa

  Using that package, we were able to verify that the config change
  prompt no longer happens from trusty to xenial.

  Since we are modifying are features on unattended-upgrades, just
  adding a new file to package, we don't believe there is any regression
  potential

  == Changelog ==

    * data: add md5sum history file on the data folder
      - This file contains md5sum of several supported 50unattended-upgrades
        config files
    * data: add xenial md5sum of 50unattented-upgrades into md5sum file
    * debian/postint: make ucf command reference the md5sum history file

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/unattended-upgrades/+bug/1915547/+subscriptions